CASIT is working on a small list of specific, known, vulnerable hosts and contacting those customers where possible and having them update their machines. If we don’t contact you, run updates and restart your machine as this is the best way to ensure your machine/device is not vulnerable.

The Information Security Office continues notifying departmental IT staff of machines in their departments that are vulnerable to network propagation of this threat, and will notify them again today before 5:00pm.

If you have any questions, please contact us by email: casit@uoregon.edu or by phone at x6-2388.

A recent update to WordPress may have disabled a link that allows UO Blogs user to log in by clicking on a Log In button on the upper-left of certain sites. While the link could be fixed in the coming days or weeks, we wanted to ensure that you can gain access to your site(s) with little inconvenience in the meantime. Due to a recent spate of calls, we have issued this post on how to utilizes both that method and another workaround so that you can access your sites.

Process

There are two primary methods for logging on to your site:

Method One

Click the Log In link on the upper-left of the browser window

Sign in using your Duck ID and password by clicking on the Use My Duck ID button

Then, you will arrive at the Dashboard for your site(s)

Note: You may have to click on View My Sites if you have access to multiple sites (as seen below)

Method Two

Similar to Method one above, this will give you access to your site but through the UO Blogs main website. Go to blogs.uoregon.edu/ then click on the Login tab:

Then continue to proceed through the steps of Method One as described above.

[/expand]

Once logged in, you’ll see the administrative toolbar above the site header which will allow you to add more content or return to the site dashboard (as in the image below for CASIT Blog administrators).

According to the article quoting the Department of Transportation, “automakers and tech companies will share data with each other and the government as they test their autonomous vehicles at these sites… The proving grounds are intended to test autonomous vehicle safety and handling in a variety of road conditions. According to the former and newly appointed secretaries for the agency, the goal is to form a Community of Practice around safe testing and deployment and to work with Congress to position the federal government as a catalyst for safe, efficient technologies. Notably, two of the sites will be in California close to Silicon Valley as to test the technology and in Michigan to work with the big US automakers there.

As reported by this blog from a couple years ago, the Norwegian government has commenced the shutdown of its nationwide FM radio network in favor of a digital signal. The process began on Wednesday in the town of Bodø, in the Nordland province in north-central Norway. The government decided to move to a digital format called DAB+ and says that due to the operating costs of FM, the switch will save money by nearly eightfold in powering their broadcast operations. Advocates for the switch say that DAB+ will have a clearer sound than FM especially in areas where fjords and mountains interfere with FM signals.

Despite this, a recent poll shows that two-thirds of Norwegians are against ditching FM with the concern that they would miss warnings for emergencies that are typically broadcast on FM. Additionally, opponents of the shut down say the hardware needed to listen to DAB+ through a $170 adapter to listen in a car.

FM signals will be available in parts of Norway through 2022 as local and regional stations start the transition process. NRK, Norway’s largest national radio station, is now on DAB+ in the Nordland province.

History Courses: Drupal site created for the History Department. It is used by faculty to submit courses they would like to teach. History administrator then take the requests and plan the year’s course offerings.

International Environmental Agreements Database Project: It was previously a custom PHP application. The site has 100K+ nodes. The site uses common Drupal modules and a custom module to provide the rich data in structured reports that you can see. The site also is a tool for the client as well as end-users to analyze the data and use it in their research.

The Medieval Elbe: It was developed for History professors Lisa Wolverton and Jonathan Lyon who are developing and presenting research and teaching materials about the interactions between Slavs and Germans in the Central Middle Ages along the Elbe river and beyond. The site allows the professors to highlight the texts and tag them with various labels. This is then presented to users to interact and review texts under those labels.

The Zone Improvement Plan (ZIP) was invented in 1963 to help the United States Postal Service organize mail due to large increasingly large mail volumes. The five number ZIP code increases is specificity from region to large sorting centers to smaller post offices. The system grew in 1983 to accommodate for the growing nation by adding a four number suffix to the ZIP code (also called ZIP+4). Geocoding technology has now created the possibility of more specific addressing.

There are other systems in place in other countries that incorporate letters to increase the specificity compared to only using numbers (as seen in Canada and the United Kingdom).

The podcast and associated blog, 99 Percent Invisible, recently reported on a new technology that is used to reduce unwanted urban noise pollution. Sono is a concept conceived of by Rudolf Stefanich that can be used similarly to noise-canceling headphones. The Sono would be able to filter out sounds in order to hear others more clearly, like birds chirping in nearby trees or to eliminate ambient noise to better listen in a quiet conversation.

Another prototype being developed by another company is called Muzo–which its creators claim–can cancel noise and create mobile bubbles of privacy. The device was crowdfunded through a Kickstarter campaign but its efficacy is still unknown.

For more information about both prototypes and similar wearables, click here.

An iOS vulnerability found using the Safari web browser has been found to also affect Mac OS X versions as well. Apple released a new version of Safari (9.1.3) yesterday that will fix the vulnerability.

“The exploit allowed hackers to take full control over a victim’s device by tricking them into click a malicious link”, according to Brian Barrett of Wired.com:

Created by a shadowy cyberarms groups called NSO Group, the attack was discovered after a human rights activist named Ahmed Mansoor received two suspicious SMS messages. Suspecting a phishing attempt, he contacted researchers at Citizen Lab, who were able to identify the exploit’s exact mechanisms.

It’s not surprising that Apple’s desktop products are also affected; the vulnerability lies in Safari’s WebKit, the engine that drives web browsing on all of Apple’s hardware products.

In order to run the update, go the the Apple menu, select the App Store option, then click on Updates. The update will require a restart of the machine or device to take effect.

Theme Adoption

The process for adopting this theme is as simple as sending a request for the CAS Department Theme to the Information Service Tech Desk via email along with the URL of the department site. Each of the additional plugins like the Courses and Profiles plugins require requests through the same channel.

Some considerations to keep in mind moving forward are that the existing content on the site prior to the theme change may be altered in order to comply with the new theme. One issue that could arise would be in conjunction with how menus are created, managed, and displayed (as seen in a previous post).